Free Republic
Browse · Search
Bloggers & Personal
Topics · Post Article

Skip to comments.

App Store, Hacked. (Updated: iTunes Accounts too.)
The Next Web ^ | July 4th, 2010 | Zee

Posted on 07/04/2010 7:02:00 PM PDT by PugetSoundSoldier

click here to read article


Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-80 ... 141 next last
To: PugetSoundSoldier

This story was reported many hours ago on Apple sites. You’re late to the party.

What are you? An apple hater or a non-Apple product lover?


41 posted on 07/04/2010 9:11:17 PM PDT by BunnySlippers (I LOVE BULL MARKETS . . .)
[ Post Reply | Private Reply | To 39 | View Replies]

To: PugetSoundSoldier; driftdiver; Swordmaker
It's beginning to get what looks like corroboration.

PC Magazine article

I'm willing to bet this is real, and that Apple will admit to it eventually, but not immediately.

42 posted on 07/04/2010 9:12:55 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 40 | View Replies]

To: PugetSoundSoldier

>>> Even when I prove my case, they will refuse to recant their charges of liar and FUD spreader.

Broken clocks are occasionally right and blind squirrels stumble upon nuts.


43 posted on 07/04/2010 9:13:51 PM PDT by Keith in Iowa
[ Post Reply | Private Reply | To 39 | View Replies]

To: PugetSoundSoldier
> I appreciate your comments; however, history is that - even if proven correct - I will still be condemned by most as an Apple hater. Even when I prove my case, they will refuse to recant their charges of liar and FUD spreader. And thus I claim those labels as trophies of their refusal to be honest.

Fanboys, of all stripes, tend to be blind to the failings of their chosen gods. They're not just bowing to Apple -- Microsoft doesn't attract them like before Vista, but I'm sure you remember the guys for whom Microsoft could do no wrong, and for whom everybody else was full of sh*t. Apple fanboys make me crazy, but no crazier than Windows fanboys did in their day.

> I must admit, I am surprised Swordmaker didn’t burst in with a “FUD” charge first, as has happened every other time, even when my posts are completely accurate and truthful. Perhaps he’s learning that just because I post something that he thinks is negative towards Apple, it does not make it false.

Spoken like a gentleman. :) (Obscure Monty Python ref.)

> As a few other FReepers have posted above, iTunes accounts have been hacked before, and apparently are being hacked again.

Yep, I think it's pretty clear somebody figured out a way to game the system and clean money from other people's accounts.

This has the aspect of yet another black eye for Apple, and it's totally their own, not AT&T's or anybody else's baby.

It also seems, the more I read on it, that this has been around for quite some time as a problem (not new today, anyway).

44 posted on 07/04/2010 9:23:42 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 39 | View Replies]

To: dayglored

See posts 8 and 13, above, at least for the iTunes breaches. I’m sure we’ll see the TNW article backed up, there’s already quite a bit of talk on other tech sites like slashdot.


45 posted on 07/04/2010 9:26:14 PM PDT by PugetSoundSoldier (Indignation over the Sting of Truth is the defense of the indefensible)
[ Post Reply | Private Reply | To 40 | View Replies]

To: dayglored; driftdiver; Swordmaker

See posts 41 and 43; perhaps now you understand why I wear their insults as a badge of honor... Even when 100% correct I must be wrong, or at least 2nd place.


46 posted on 07/04/2010 9:29:34 PM PDT by PugetSoundSoldier (Indignation over the Sting of Truth is the defense of the indefensible)
[ Post Reply | Private Reply | To 42 | View Replies]

To: PugetSoundSoldier; Swordmaker
> That's impossible, we've all been told time and again there has never been a security breach of any Apple product "in the wild"...;)

Who ever said that?

The only thing I know of that sounds like that is the claim that there are no self-replicating viruses "in the wild" for OS-X. That is, all known malware for OS-X requires operator cooperation ("Please download and execute this code"), or physical access to the machine (in which case all bets are off for -any- product).

I personally do not know of any self-replicating viruses for OS-X, so you may have seen me make that claim for OS-X's security.

But to say that anybody claims "that there has never been a security breach of any Apple product" is really out there. They must not know about Mac OS 9 and prior. If you can come up with an FR post where somebody wrote that statement, I'll join you in your derision of them.

That's a promise, Puget.

I'll ping Swordmaker to this comment, since being the Apple thread master, he may know of someone who made such a claim.

47 posted on 07/04/2010 9:34:24 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 11 | View Replies]

To: dayglored

“I’m willing to bet this is real, and that Apple will admit to it eventually, but not immediately.”

I’m sure they were stunned to find that your account never had as much in it as they had been reporting to you, but in a few weeks they will update your account with the new lower value.


48 posted on 07/04/2010 9:35:47 PM PDT by RS ("I took the drugs because I liked them and I found excuses to take them, so I'm not weaseling.")
[ Post Reply | Private Reply | To 42 | View Replies]

To: PugetSoundSoldier
> See posts 8 and 13, above, at least for the iTunes breaches. I’m sure we’ll see the TNW article backed up, there’s already quite a bit of talk on other tech sites like slashdot.

Yep.

Looks like the Slashdot post is also based on TNW's blog post.

If this is the result of a hack of iTunes itself (somebody busted iTunes security), then it's very bad for Apple. OTOH, if somebody got a bunch of iTunes account credentials some other way than through iTunes (say, through a separate phishing campaign), it's still not good but the headline "iTunes hacked" is not longer quite accurate.

I'll be interested to see which way it ends up.

49 posted on 07/04/2010 9:43:02 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 45 | View Replies]

To: RS
> I’m sure they were stunned to find that your account never had as much in it as they had been reporting to you, but in a few weeks they will update your account with the new lower value.

HAHA!! LOL. Good one.

50 posted on 07/04/2010 9:44:15 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 48 | View Replies]

To: dayglored; Swordmaker; RachelFaith; driftdiver; for-q-clinton

It’s OK, I’ve saved Swordmaker the hassle. RachelFaith (hi sweetie!) swore up and down that Apple systems and Apple iOS and OSX were invulnerable because they’re written differently, and both Swordmaker and RachelFaith insisted that while there could be malware out there, it’s never been an issue because malware just doesn’t exist in the wild.

I can provide the earlier threads, too... BTW, my contention over this obvious impossibility is what earned me the titles of GD EVIL LIAR, sinner, and vile spreader of FUD (among others), and apparently the enmity of the Mac List forever...


51 posted on 07/04/2010 9:44:28 PM PDT by PugetSoundSoldier (Indignation over the Sting of Truth is the defense of the indefensible)
[ Post Reply | Private Reply | To 47 | View Replies]

To: Sarah Barracuda

I opened an iTune account, and within a week, Amex was calling me, asking why I was buying $1,700 worth of services from a South American company. iTune account closed, Amex account cleansed from top to bottom.


52 posted on 07/04/2010 9:49:47 PM PDT by Cyber Liberty (Build a man a fire; he'll be warm for a night. Set a man on fire; he'll be warm the rest of his life)
[ Post Reply | Private Reply | To 8 | View Replies]

To: Cyber Liberty

Yeah Itunes is really not secure at all. I only download the free apps from Itunes which don’t require a credit card at all. I would never put in a credit card into Itunes


53 posted on 07/04/2010 9:52:01 PM PDT by Sarah Barracuda
[ Post Reply | Private Reply | To 52 | View Replies]

To: PugetSoundSoldier

I got to say I thought it was just another phishing issue, but reading the comments by peeople on that thread make you realize Apple really dropped the ball.

1) Since apple is known to have the “dumb” user base they have always babied thier users, so they should have had a system in place to detect such fraud and alert thier users.

2) We don’t know if it only phishing that is causing this. Either way apple could have done more and should have done more to prevent this type of widespread hack.

3) Apple will suffer the same fate as Microsoft as they are the big boy on music/app store. Now they will see what it means to be secure. NO more security by obscurity (or minority). This is the bigtime and now we see what it gets you. Apple has a long way to go to catch up on security and we are just now finding this out.


54 posted on 07/04/2010 9:54:59 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 51 | View Replies]

To: Cyber Liberty

Wow it’s that bad.


55 posted on 07/04/2010 9:55:53 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 52 | View Replies]

To: for-q-clinton

I think Apple will learn the hard way. Witness the arrogance of Steve “you’re holding it wrong” Jobs. As problems continue to pile up, they’ll either collapse completely, or have to seriously re-evaluate everything from the top (Jobs) to the bottom (Genius Bar) in terms of how they consider the customer.

You remember the attacks I took for daring to claim that Apple was just about the bucks, they could care less about the customer as long as they made their money. Well, we’re seeing my claim to be true, and Apple is starting to pay the price for it.

Microsoft - as much as people love to hate them - at least keep the customer in mind when developing new tools. From maintaining backwards compatibility for their end-users, to providing best-in-class tools and supporting multiple development environments for those who create content.

Apple has a LONG, hard road ahead of them!


56 posted on 07/04/2010 9:59:20 PM PDT by PugetSoundSoldier (Indignation over the Sting of Truth is the defense of the indefensible)
[ Post Reply | Private Reply | To 54 | View Replies]

To: PugetSoundSoldier; Swordmaker; RachelFaith; driftdiver; for-q-clinton
> It’s OK, I’ve saved Swordmaker the hassle. RachelFaith (hi sweetie!) swore up and down that Apple systems and Apple iOS and OSX were invulnerable because they’re written differently, and both Swordmaker and RachelFaith insisted that while there could be malware out there, it’s never been an issue because malware just doesn’t exist in the wild... I can provide the earlier threads, too...

Ok... no need to provide those earlier threads, I know the ones you mean. I read some, not all, of the comments in those threads. Made me ill, to be honest, and I bailed after a while. But I got the gist of them.

>> That's impossible, we've all been told time and again there has never been a security breach of any Apple product "in the wild"...;)

"Never" and "any" are absolutes.

> If you can come up with an FR post where somebody wrote that statement, I'll join you in your derision of them. That's a promise, Puget.

Well, if RachelFaith said "never" a breach of "any" Apple product, then (sorry, Rachel) I must join Puget in saying, "You don't know what the hell you're talking about", because prior to Mac OS-X, the earlier Mac OS was riddled with security issues. It was as bad as Windows was until XP-SP2 (in general).

In addition, there certainly have been security issues in OS-X, and I imagine there are issues in iOS, which are regularly addressed by Apple in their security updates. Of course there are. No software is without issues.

"Invulnerable" is an awfully powerful word, and it's another absolute. Absolutes are difficult. Damned difficult. The only software I know of that is invulnerable is trivial, and can be demonstrated to be invulnerable because it does not contain a large number of paths and inputs. Certainly no operating system worth doing anything with is invulnerable.

So my opinion is that anyone who claims that an operating system (like Windows, OS-X, iOS, Linux, Android, even BSD Unix) is "invulnerable", clearly is not speaking of actual software. They are talking about something else. Or else they know nothing about actual software.

I can't speak to the "they're written differently" aspect without going back and figuring out what the heck was being talked about, which I'd rather not do. But having been writing software for 40 years (yes, since 1970), I'll observe that the code that executes does not have any knowledge of "how it was written" -- it's just code, and does not execute differently because it was written top-down vs. bottom-up, or in C vs. Pascal, or whatever. The bits don't carry their history.

Of course, the software design process makes a difference in how the software is written, and can improve or weaken its security. But there are lots of ways to write good code, and lots more ways to write bad code. Apple does not have a corner on the "good code" market.

So, Rachel, my FRiend, did you really say that? If not, what did you really say?

Anyway, I guess it's time to reconsider my account with Apple. I don't much like the idea that somebody can go charging to my card without my say-so.

57 posted on 07/04/2010 10:20:43 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 51 | View Replies]

To: PugetSoundSoldier; for-q-clinton
> Microsoft - as much as people love to hate them - at least keep the customer in mind when developing new tools. From maintaining backwards compatibility for their end-users, to providing best-in-class tools and supporting multiple development environments for those who create content.

Tools, yes! Products, no...

I work with Microsoft's tools every day. They're generally great, and well worth the price. I couldn't live without my MSDN subscription. I don't know of any other software vendor who comes even close.

OTOH, a lot of the time, I look at Microsoft's products, the things they develop with those tools, and I wonder "What in hell's name were they thinking???" Often I have to sadly conclude that they were not thinking at all.

But we're drifting off-topic... ;-)

58 posted on 07/04/2010 10:26:30 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 56 | View Replies]

To: PugetSoundSoldier; dayglored; driftdiver
I must admit, I am surprised Swordmaker didn’t burst in with a “FUD” charge first, as has happened every other time, even when my posts are completely accurate and truthful. Perhaps he’s learning that just because I post something that he thinks is negative towards Apple, it does not make it false.

Ignoring the implied ad hominems in your comments, I have yet to see many of your comments that met the criteria of "completely accurate and truthful." Most that I have seen have been misleading, misrepresenting, blown out of proportion, out of date, often ignorant, personally insulting, generally abusive to all Apple users, mistaken, often petty, and frequently just wrong, especially when you put words in my mouth I never said—absurd straw man statements—so you can easily knock them down.

Contrast those other posts to this post. Whether this is a serious issue or a minority squeaky hinge complaint, I have no idea. It is, however worthy of warning potential victims early and an easy thing to for them to check and watch for. As soon as I saw your ping, I notified the members of the list. They needed the warning. Thank you!

That being said, there is nothing about Apple's App Store or iTunes Store or how they handle transactions that differentiates them from any other large online retailer in how they handle transactions, especially for intangibles, that would give them any edge on security. Apple has never claimed that. These stores are just as susceptible as Amazon, eBay, or any other that does business on the web to being victims of internet fraudsters.

Snarky made-up assumptions, like driftdivers, about "bottom lines" and anecdotal claims of refusals to make refunds, fly in the face of other reports from national ratings organizations such as Consumers Reports giving Apple the highest ratings in customer service and satisfaction, based on time-tested consumer surveying techniques. Companies don't get those kind of ratings by screwing customers at every opportunity just to assure a healthy "bottom line." I'd say one would have to discount the anecdotal claims.

As for the Asian publisher buying his own books for high ratings? That doesn't strike me as very smart. He pays full retail, gets back 70%. All so he can write his own reviews? Sounds like a good way to go bankrupt quickly, unless his books are good and others will like them and write reviews supporting his. This type of shenanigans is clearly against the terms of use. Apple DID discover this and pulled his books.

I think this will turn out to be the result of a successful Phishing expedition. But until it shakes out, it's better to be safe and watch your account. Remember, Apple will never send you an email asking you to click on a link to provide your account information. . . Or ask you to reconfirm your credit card info from an email. If you receive such a request. It's a phishing attempt to steal your ID.

59 posted on 07/04/2010 10:42:09 PM PDT by Swordmaker (Remember, the proper pronunciation of IE is AAAAIIIIIEEEEEEE!)
[ Post Reply | Private Reply | To 39 | View Replies]

To: Swordmaker
http://www.macrumors.com/2010/07/04/reports-of-app-store-hacked-greatly-exaggerated/

Reports of 'App Store Hacked' Greatly Exaggerated

Sunday July 04, 2010 06:06 PM EST; Category: iPhone
Written by Arnold Kim


Earlier today a report on TheNextWeb claimed that the App Store had been hacked and that a rogue developer had gamed the system by artificially driving sales to their eBooks. The rise in ranks were noted by competing developers who thought the rise strange given that the books all represented poorly coded Vietnamese-based books.

A couple of reviews left on one of the books revealed that at least two customers had their iTunes accounts compromised to purchase the books. This led to theories that a widespread attack specifically tied to this developer could be the cause of the rise in ranks. Which then led to a cascade of headlines suggesting that everyone's iTunes account was suddenly vulnerable to a coordinated attack. While we do believe that this developer had been trying to game the iTunes ranking system, it's hard to believe that their efforts affected more than a few hundred accounts worldwide.

The Book category in which we found these apps (note, they've been pulled from the App Store) is one of the lowest trafficked categories in the App Store. Based on sales reports we've received from developers, the number of daily sales required to hold a book in the #10-#50 rank seems to range from 50-250 sales a day. That means that even if every sale was based on a compromised account, the actual number of accounts involved are minuscule compared to the 100 million active iTunes accounts.

Now, on a separate note, the issue of hacked or compromised iTunes accounts is a major issue, and one not to be dismissed. However, this issue has been ongoing for years and we're not convinced there has been a major spike in activity. iTunes accounts are easy targets since they are so common. In our forums we have had a running thread on the topic since January 2008. A few reports appear every few months. There do seem to be a higher number of reports arising the past day or two of other iTunes accounts being hacked. It's certainly possible there has been an acute rise in the past few days, but the added press coverage will certainly attract more stories. Meanwhile, a blog post from 2009 similarly attracted a number of "me too" reports.

It's still a good idea to make sure your accounts are safe, and especially important to make sure you have good (and different) passwords on all your sensitive accounts. Common mistakes include easy to guess passwords and shared passwords across multiple accounts.

60 posted on 07/04/2010 10:44:20 PM PDT by RightOnTheLeftCoast (Obama: running for re-election in '12 or running for Mahdi now? [http://en.wikipedia.org/wiki/Mahdi])
[ Post Reply | Private Reply | To 33 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-80 ... 141 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
Bloggers & Personal
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson